About Venafi

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise–class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the datacenter to the cloud and beyond—built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at www.venafi.com/best-practices. Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top–tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit www.venafi.com.

About Venafi

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise–class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the datacenter to the cloud and beyond—built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at www.venafi.com/best-practices. Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top–tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit www.venafi.com.

About Venafi

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise–class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the datacenter to the cloud and beyond—built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at www.venafi.com/best-practices. Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top–tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit www.venafi.com.

The IT security world has been shaken by a series of breaches that some say spells the death of Public Key Infrastructure (PKI) technology.

Comodo, Sony, RSA Security and other breaches have seen established and trusted organisations fall from grace as they became victims of hacking. With Comodo and StartSSL in particular the resultant outcry has focused on the future of PKI.

I don’t accept, as some say, that PKI is dead or dying. Of course, working for a PKI vendor, you could argue I have to say that.

Nevertheless, I believe PKI is the best we’ve got. It will not be replaced any time soon – to argue otherwise is a waste of energy. In fact, I actually think that 2012 is the year of PKI.

Rather than rehash the various hacks and what went wrong, I’d like to focus on the critical role certificates and PKI play in securing data and authenticating systems across all types of organisations. And think of all the systems that now leverage PKI, including the traditional IT data centre infrastructure, public and private clouds, and an exploding number of mobile devices that require authentication, to name just a few.

Within a PKI, a certificate authority assigns each system or user a unique identity – a digital certificate – that allows the certificate holder to work within the protected environment. This allows organisations to let customers, partners, and employees authenticate to systems and users. I would argue, perhaps controversially, that PKI delivers a virtually seamless experience for users while providing trusted security.

And it is the word trusted that many of you will scoff at.

How can they be trusted?

To pretend that they’re infallible is churlish. Instead, what needs to be recognised is that the world we live in is imperfect and, a bit like a car, we need more than one security feature if we’re to prevent ourselves flying through the windscreen.

Let’s use the car analogy to illustrate the point. Cars have brakes to stop them in an emergency. Yet, all too often, there are accidents. Has anyone pointed the finger at the braking system and declared it dead? Of course not. Instead, the designers have worked tirelessly to improve the overall safety of vehicles, installing impact bars and roll cages, seatbelts, and an airbag just to make sure. An organisation’s security should be approached in much the same way.

To do this, we need to first understand the challenges faced. Depending on the IT environment where keys and certificates are being deployed, some or all of these risks may apply:

• Certificates that are not renewed and replaced before they expire can cause serious unplanned downtime and costly outages
• Private keys used with certificates must be kept secure or unauthorised individuals can intercept confidential communications or gain unauthorised access to critical systems
• Regulations and requirements (like PCI-DSS) require much more stringent security and management of cryptographic keys, and auditors are increasingly reviewing the management controls and processes in use
• The average certificate and private key require four hours per year to manage, taking administrators away from more important tasks and cost hundreds of thousands of dollars per year for many organisations
• If a certificate authority (CA) is compromised or an encryption algorithm is broken, organisations must be prepared to replace all of their certificates and keys in a matter of hours
• The rollout of new projects and business applications are hindered because of the inability to deploy and manage encryption to support the security requirements of those projects

Manage certificates properly

As this highlights, certificate and encryption or private key management can be complicated. The fact that there are typically several people involved in the management of certificates and private keys makes the probability of error even higher.

By clearly defining roles and responsibilities so that everybody knows what they’re responsible for can significantly decrease the likelihood of failure and make it easier to work out how to improve processes when something does go wrong. In some areas, system administrators will manually enroll for and install certificates. In others, a central system may be used for automated installation.

The last thing you want as an organisation is to be running around trying to figure out who is responsible for a key or certificate when an issue arises. Compile a list of responsible groups and/or individuals for each key and certificate in your inventory and develop a method for keeping the information current.

Prepare for it

If you act on the principle that you’re going to be hacked – it’s just a matter of time – then at least you’ll be prepared should happens.

Just like brakes in a car, encrypt everything. Ensure that your encryption systems provide the security they are designed to deliver while simultaneously reducing operational risk and administrative workload. Finally, know where everything is.

PKI and SLL are sensible platforms for certificate management. Abolishing them and putting something else in their place is not feasible – the vehicle already exists and it is not going away anytime soon. Instead, organisations need to recognise the challenge of using them and decide how they’re going to handle the coming explosion in certificates.

“Within a PKI, a certificate authority assigns each system or user a unique identity – a digital certificate – that allows the certificate holder to work within the protected environment. This allows organisations to let customers, partners, and employees authenticate to systems and users. I would argue, perhaps controversially, that PKI delivers a virtually seamless experience for users while providing trusted security. And it is the word trusted that many of you will scoff at.”
Read More

“‘Man-in-the-middle attacks have drained billions of dollars from enterprises and customer accounts, have inflicted unquantifiable levels of reputational damage on victim organizations, and weakened trust levels across the Web,’ explains Jeff Hudson, CEO of Venafi, an organization that provides encryption management solutions. ’Organizations that leverage the Web and require secure customer and partner transactions should ensure that they have strong SSL connections in place, an accurate and thorough inventory of all digital certificates deployed, well-managed and automated security processes, and a remediation plan that can provide fast recovery in case of compromise.’”
Read More

“The FBI recommends checking the author or digital certificate of any prompted update to see whether it corresponds to the software vendor, as this might reveal whether it is an attempted attack. Jeff Hudson, CEO of key management vendor Venafi, calls this a ‘wake-up call’ for IT pros who manage their organizations’ vast certificate and software update programs. ‘[IT pros] need to understand that end users are typically the weakest link in the security chain,’ he says. ‘To compensate, they need to adopt automated security processes that eliminate the unquantifiable risk that arises from human error and misunderstanding. Organizations that automate and centrally manage security and compliance processes reduce their risk of a data breach significantly.’”
Read More

Job Description:

The Partner Field Manger will be responsible for the day-to-day partner support in their region and overall partner success. The Field Manager will be responsible for individual sales success and will act as the partner liaison with Venafi corporate field teams and marketing teams.

Responsibilities:

• Work with BD and field team(s) to target, recruit and sign up Venafi Channel Partners.
• Execute on Channel Partner sales quota for North America
• Assist in creating partner go-to-market plans
• Account and opportunity support including pricing and proposal assistance
• On site event support
• Presentation and training support
• Liaison between Venafi field reps and partner reps
• Assisting in management partner and channel conflict
• Working with partner on pipeline development and deal registration
• Closely partner with Venafi Channel Marketing team to execute partner go to market plans.

Required Skills & Knowledge:

• Degree from a 4-year accredited college or university
• Five to seven years partner management experience and partner sales experience. Must have demonstrated consistent ability to achieve channel sales quota and ensuring partner success.

Company Overview:

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM), and automates the provisioning, discovery, monitoring and management of digital certificates and encryption keys across heterogeneous environments. Venafi reduces the unquantified and unmanaged risks of encryption deployments that result in data breaches, security audit failures and system outages. Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. For more information, go to www.venafi.com.

Venafi is looking for highly motivated, self-starting, top performing individuals to help further grow its leadership position in the rapidly expanding enterprise key and certificate management (EKCM) market and support the needs of its growing customer base. Venafi offers a strong team environment that encourages excellence, seeks out and rewards individual contributions, and provides opportunities for personal and professional development. A competitive, comprehensive benefits package is offered to full-time employees.

To apply for this position, click on the Apply Now button below or send an email with a resume attached to careers@venafi.com. Include the job code and job title in the email subject line and attach your resume.

Job Description:

The Professional Services Engagement Manager has a lead role within Professional Services for delivering Customer Success. The Engagement Manager will work with Venafi staff across the company, partners, industry experts, and customers to manage Professional Services engagements with customers. The Engagement Manager will assist the customer project manager in developing a plan to successfully deploy a Venafi based solution to solve identified customer business problems. The Engagement Manager will manage Venafi resources on the project, including PS staff and partners as appropriate, to ensure successful delivery. The Engagement Manager will manage critical project metrics such as budget; resource scheduling; milestone delivery; quality of deliverables, tasks, and proposed solutions; prioritization within and across projects; activities across Venafi teams; status reporting; escalations, both within Venafi and within customer organizations; and maintenance of project documents. The Engagement Manager will serve as both a customer advocate within Venafi as well as a Venafi advocate within the customer organization. Close working relationships with groups across Venafi; partner organizations; and customer organizations is crucial.

Travel to customers, Venafi headquarters, and industry events will be required.

Responsibilities:

• Help Venafi ensure the success of its customers by completing all of the below tasks at a high level.
• Help the Venafi Professional Services organization extend its leadership as a world class operation by assisting in the development, sales, and delivery of service offerings in support of customers purchasing Venafi products.
• Provide leadership within Venafi and with our customers in the successful delivery of solutions for customers based on Venafi and partner products and technology, addressing specific customer business problems.
• Participate in business development activities including pre-sales meeting with clients and Sales team.
• Establish and maintain management and oversight of assigned Professional Services engagements, including third party sub-contractors. Ensure all Professional Services processes are followed on all engagements.
• Establish and maintain effective working relationships with clients.
• Assist in recruiting staff, strategy development, etc. as necessary.
• Work with Venafi Product Management to ensure the development of products that provide ease of deployment for customers.

Minimum Requirements:

• Minimum 5 years of project and/or engagement management experience working with complex systems, including hardware and software based solutions with multiple tiers.
• At least 10 years professional services/consulting experience, leading the deployment of enterprise software inside of a customer environment in a travel role (at least 20% travel), preferably for a software product company.
• Proven business acumen to be able to determine the critical business problems to be solved and to articulate the business solution to customers.
• Excellent presentation, verbal, and written communications skills.
• Proven experience successfully working with sales, client IT, and client end-user groups in high-pressure situations.
• Familiarity with Public Key Infrastructure (PKI) and other data security concepts.
• The ability to identify potential issues early on and escalate to management as appropriate.
• Sense of urgency, self-managed and goal oriented attitude.
• Extensive experience consistently traveling for business purposes.
• Willingness to travel 25-30% within US and Canada; other international travel a possibility.

Preferred Requirements:

• 12+ years’ experience working with complex systems, including hardware and software based solutions with multiple tiers.
• Data security and/or systems management industry experience.
• CISSP and/or PMP (or equivalent) certification.
• Location is flexible; preference for major US city for ease of travel and proximity to likely customer base.

Company Overview:

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM), and automates the provisioning, discovery, monitoring and management of digital certificates and encryption keys across heterogeneous environments. Venafi reduces the unquantified and unmanaged risks of encryption deployments that result in data breaches, security audit failures and system outages. Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. For more information, go to www.venafi.com.

Venafi is looking for highly motivated, self-starting, top performing individuals to help further grow its leadership position in the rapidly expanding enterprise key and certificate management (EKCM) market and support the needs of its growing customer base. Venafi offers a strong team environment that encourages excellence, seeks out and rewards individual contributions, and provides opportunities for personal and professional development. A competitive, comprehensive benefits package is offered to full-time employees.

To apply for this position, click on the Apply Now button below or send an email with a resume attached to careers@venafi.com. Include the job code and job title in the email subject line and attach your resume.

Job Description:

As a user experience manager at Venafi, you’ll be part of an extremely motivated, dedicated, and experienced team that’s responsible for managing some of the most important assets at Global 2000 companies. You’ll contribute directly and significantly to the products we ship. You’ll have a highly capable team to support you, and direct access to our customers. You’ll use your design and problem-solving skills to create compelling, world-class, enterprise management products. In collaboration with a cross-disciplinary team of peers, you’ll be defining the way users interact with our products.

As a company, Venafi is committed to user experiences that leave customers delighted. You’ll be supported in dreaming big. We value the user experience process and encourage full-spectrum UX work, not just gloss on a UI. Leave any lipstick at home.

The User Experience Manager reports to the Senior Director of Products Management and works in a close team of engineering, quality assurance, product management and many customer facing contributors to deliver a world-class user experience.

Description of Responsibilities:

• Translate business and product-level requirements into feasible, compelling experiences that leave users delighted.
• Create conceptual wireframes, user flow diagrams, and low-fidelity prototypes for discussion and testing purposes.
• Iterate through detailed evaluation with peers from varying disciplines.
• Design high-fidelity mockups to solidify design direction and planning.
• Create working prototypes for usability and proof-of-concept testing.
• Conduct data-driven evaluation of your work through user customer testing.
• Produce shipping designs, finalizing interaction, layout, color, typography, images, and icons.
• Develop and maintain a concise set of personas for use with all UX decision making.
• Get your hands dirty in HTML, CSS and other similar tools.
• Be a vigilant advocate for the user’s experience.
• Take pride in and personal ownership of your work.
• Contribute directly to both the conceptual thinking behind and the physical creation of detailed, high-quality products.
• Research, learn and implement new technologies to develop background for successful product definition.

Minimum Requirements:

• BS/BA/BFA degree (or equivalent) in Computer Science HCI, Visual Tech, Marketing, Business, Communications, Multi-media studies or related fields.
• At least three years of professional design experience in the software industry
• A thorough understanding of user interface design and usability principles
• An online portfolio of work
• Strong general technical competency required (we’re working with encryption here).
• Self-starting, hard-working and inquisitive personality; must thrive in flatland.
• Outstanding communication and teamwork skills.
• Strong leadership, time management and problem solving skills.
• Must work well with others of all personality types in an intense environment.

Company Overview:

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM), and automates the provisioning, discovery, monitoring and management of digital certificates and encryption keys across heterogeneous environments. Venafi reduces the unquantified and unmanaged risks of encryption deployments that result in data breaches, security audit failures and system outages. Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. For more information, go to www.venafi.com.

Venafi is looking for highly motivated, self-starting, top performing individuals to help further grow its leadership position in the rapidly expanding enterprise key and certificate management (EKCM) market and support the needs of its growing customer base. Venafi offers a strong team environment that encourages excellence, seeks out and rewards individual contributions, and provides opportunities for personal and professional development. A competitive, comprehensive benefits package is offered to full-time employees.

To apply for this position, click on the Apply Now button below or send an email with a resume attached to careers@venafi.com. Include the job code and job title in the email subject line and attach your resume.